<?php
include "../Lib/DBMySql.inc";
include "../Lib/Common.php";
include "../Lib/Lib.php";
include "../Entities/usersObj.php";
include "../DAL/usersDAL.php";

$mainDB = NewDB(DATABASE_HOST, DATABASE_NAME , DATABASE_USER, DATABASE_PASSWORD);
$pageError = "";

session_unregister('ALLOWRUN');
session_unregister('UserID');

if ($act=="LOGIN") {
	$returnData = usersDAL::GetList($mainDB, usersObj::usernameFieldName()."=".ToSQLPostVAL($Username), "", "", $pageError);
	if (count($returnData)>0) {
		$users = $returnData[0];
		if ($users->password != md5(trim($Password)))
			$pageError = "Password is invalid. Please enter another.";
		else if ($users->userroleid>3)
			$pageError = "You don't have right to use Admin tools.";
		else {
			$_SESSION['ALLOWRUN'] = "RUN";
			$_SESSION['UserID'] = $users->id;
			$users->datetimelogin = date("Y-m-d H:i:s");
			usersDAL::Update($mainDB, $users, $error);
			header ("Location: ./users/list.php");
		}
	}
	else {
		$pageError = "User '$Username' doesn't exist.";
	}
}

include "./header0.php";
?>

<TABLE WIDTH="500" BORDER="0" CELLSPACING="0" CELLPADDING="0" BGCOLOR="#ffffff" align="center">
  <TR>
    <TD ALIGN="CENTER">&nbsp;<p></TD>
  </TR>
  <TR>
    <TD ALIGN="CENTER">
      
        <form name="form" method="post" action="<? echo $_SERVER['PHP_SELF']; ?>">
		    <input type="hidden" name="act" value="LOGIN">
            <TABLE WIDTH="100%" BORDER="0" CELLSPACING="0" CELLPADDING="5" align="center" BACKGROUND="../images/spacer.gif">
              <TR valign="baseline">
                <TD colspan=2 valign="baseline">
					&nbsp; &nbsp; 
					<IMG SRC="../images/login_icon.gif" WIDTH="60" HEIGHT="33">
					&nbsp; &nbsp; 
					<IMG SRC="../images/login_text.gif" WIDTH="241" HEIGHT="21">
				</TD>
              </TR>
              <TR>
                <TD ALIGN="RIGHT">&nbsp;</TD>
                <TD><font color="#FF0000"><?php echo $pageError;?></font></TD>
              </TR>
              <TR>
                <TD ALIGN="RIGHT">Login name:</TD>
                <TD>
                  <INPUT TYPE="text" NAME="Username" value="<? echo $Username;?>" SIZE="36"  class="inputText">
                </TD>
              </TR>
              <TR>
                <TD ALIGN="RIGHT">Password:</TD>
                <TD>
                  <INPUT TYPE="Password" NAME="Password" SIZE="36" class="inputText">
                </TD>
              </TR>
              <TR>
                <TD>&nbsp;</TD>
                <TD>
                  <INPUT TYPE="submit" NAME="login" VALUE="Login" style="font-family: verdana; font-size:10px">
                </TD>
              </TR>
            </TABLE>
            <script>
			document.form.Username.focus();
			</script>
        </form>
    </TD>
  </TR>
</TABLE>
<?php
include "./footer.php";
?>